Was testing the CVE-2023-38146 exploit, also known as ThemeBleed
osquery and yara rules
As we have already installed osquery, now we will try out its YARA rule matching feature
Easy UAC bypass using Task Manager
Recently I have learned that you can easily bypass UAC from task manager and I tend to use that information and see how far I can escalate
osquery and FIM using ELK
Checking file integrity monitoring on every system by hand is practically impossible, so in this writeup we will use ELK to better search for and check potential issues
osquery and file integrity monitoring
As we have already installed osquery, now we will try to check the feature of file integrity monitoring.